1

I help to run a lan in Sydney.

We have a need for a proxy/gateway solution to allow those pesky games that require internet to work.

I have been doing this with an ISA server and it has worked quite well. However now i wish to port this over to run on the same hardware as our cacti / nagios box under a vmware VM. ISA server is horridly nad due to the massive ram and i/o requirement for something is basically port blocking and handing out IP's.

The needs are as follows. 1. DHCP 2. WINS (otherwise network devices fight over who is the WINS master) 3. Filtering based in PORT for outbound traffic. 4. Ability to whitelist IP/MAC's for internet access. 5. Web Interface.

I had been thinking to use PFSENSE however there is no option for a WINS server and i cbf working my way around bsd.

user9517
  • 114,104
  • 20
  • 206
  • 289
BeStRaFe
  • 280
  • 1
  • 9
  • 1
    As I understand it WINS on Linux requires Samba and that has no place on a firewall. Besides, the trivial amount of traffic generated by browser elections can't possibly be a real issue. If it is you have insufficient bandwidth for network games. – John Gardeniers Mar 11 '10 at 11:38
  • Agree, WINS server has nothing to do on a firewall. Set up a separate server for that. – pauska Mar 11 '10 at 14:54
  • browser election with windows 7/vista in the mix becomes a huge issue for broadcast traffic when you have 500 computers spamming it out. it chews up right to the 5% broadcast limit we have implied on the switches and 5% is a freaking huge amount of traffic when you also have leechers in the mix. – BeStRaFe Mar 11 '10 at 15:20

5 Answers5

2

Try the eBox Platform. It has lots of modules and functionality and can, indeed, act as a WINS server.

chmeee
  • 7,270
  • 3
  • 29
  • 43
0

I think the best is the one you'll build specifically for your needs,

Since you're thinking about BSD, a FreeBSD box with Samba for WINS services, pf for packet filtering and ISC DHCP for providing address assignement may fit your needs....

There'are many ressources out there for configuring them individualy, also you may have to ensure that the samba WINS server will win all browser elections.

Hope this helps

Maxwell
  • 5,026
  • 1
  • 25
  • 31
  • This is kinda anti my point i want here. 1) needs to be linux based, makes things easy as im forced to interact with it. 2) needs to have a web interface... i am not the only one going to be using this. i need it to have the ability to be used by numpties who are less then competent in this area. – BeStRaFe Mar 11 '10 at 09:23
0

You have a couple of options:

1-Do it yourself with squid, dhcp setup on your linux machine and use fwbuilder to build your firewall rules. You can use webmin to manage your WINS, dhcp, dns etc.

2-Use a packaged solution like smoothwall, don't know whether it support WINS, but you can use Samba to setup your WINS service and it comes with a management tool called SWAT.

Francois Wolmarans
  • 1,570
  • 10
  • 14
0

Whilst the pro version of Smoothwall is very good, you may find the free, 'Express' version lacking. For example, last I checked it did not have great support SATA drives.

Two alternative firewall distributions that are very good are:

M0n0wall is BSD rather than Linux, but it has a decent installer and Web UI, so all going well you won't notice (or need to know) the difference.

David Harrison
  • 441
  • 2
  • 5
0

My choice would be Smoothwall Express, which will more than meet your needs, as long as you get over your problem with browser elections. It does support SATA just fine but is a little picky about SCSI.

John Gardeniers
  • 27,262
  • 12
  • 53
  • 108